An Iranian-born, naturalized U.S. 40-year-old man who launched multiple international cyberattacks against media outlets, bloggers and legal news aggregation sites was sentenced Monday to five years in federal prison and pay more than $520,000 in compensation, the U.S. attorney for the Northern District of Texas said. Erin Nealy Cox. At sentencing, the judge also found that Mr. Rakhshan obstructed justice by perjuring himself at a hearing in 2017. Mr. Rakhshan lied about the possession of 10 email addresses that he used to facilitate the crime. Mr.
Rakhshan also lied about his illegal return to Canada after his deportation. Mr. Rakhshan committed a crime from at least December 2014 to at least August 2015, while residing in various states in the United States and Vancouver, Canada. (1999). CIVIL DISOBEDIENCE: A Legal Handbook for Activists. Retrieved 2013-12-03 by www.elc.uvic.ca/projects/1999-01/civil_disobedience.html Given the tough legal measures, it`s no wonder Facebook has decided to end groups that call for participation in DDoS attacks (www.technicallylegal.org/the-legality-of-denial-of-service-attacks/, 2010). And this list is not exhaustive. The impact on the business in the form of financial losses, loss of credibility, embarrassing publicity overall, etc.
is immense. Basically, DDoS attacks are so prevalent that this event reaches a point where we could define it as ubiquitous. These facts, along with all that is already responsible for DDoS attacks, ring alarm bells that legalizing such crimes could open the next chapter of the “Black Death” in human history. According to the plea, Mr. Rakhshan admitted to conspiring with others to launch a distributed denial of service (DDoS) attack against Leagle.com in January 2015, a legal aggregation site that had published publicly available information about his previous criminal conviction in Canada. The .com Leagle website was hosted by a provider based in Dallas, Texas. An application-layer DDoS attack (sometimes referred to as a layer 7 DDoS attack) is a form of DDoS attack in which attackers target application-layer processes.   The attack performs certain functions or features of a website with the intent to disable those functions or features.
This application-layer attack is different from a network-wide attack and is often used against financial institutions to distract IT and security staff from security breaches.  In 2013, application-layer DDoS attacks accounted for 20% of all DDoS attacks.  According to a study by Akamai Technologies, there were “51% more application-layer attacks” between Q4 2013 and Q4 2014 and “16% more” between Q3 2014 and Q4 2014.  November 2017; Junade Ali, an engineer at Cloudflare, found that while network-layer attacks continue to have high capacity, they are less common. Ali also pointed out that although network-layer attacks have become rarer, Cloudflare`s data showed that application-layer attacks still show no signs of slowing down.  In December 2021, following the Log4Shell vulnerability, a second vulnerability was discovered in the Log4j open source library that could lead to application-layer DDoS attacks.  Information sites and link pages – websites whose primary function is to provide links to interesting content elsewhere on the Internet – are the most likely to be the cause of this phenomenon. The canonical example is the Slashdot effect when receiving traffic from Slashdot.
It is also known as the Reddit embrace of death and digg effect. In our opinion, this is certainly the main criterion that makes the difference between DDoS attacks and traditional sit-ins. The resulting consequences are, among other things, numerous and rightly divided into independent points, since they separately constitute reasons for not granting legalization: there is a very dangerous trend that has been going on for some time, in which a DDoS attack is first launched to divert attention, superimposed on a sophisticated intrusion technique or other type of action, what actually seems to be the main step – something like the pincer tactics of Hannibal Barca and Zhukov. From our point of view, participants in civil disobedience are equated with mere criminals, especially if the civil disobedience takes place on the Internet. Although there is usually no law or jurisdiction that deals specifically with this social phenomenon, citizens do not have the legal right to exercise it. Nevertheless, sit-ins, among other shades of this palette, are deliberately illegal collective protest activities that violently flout unjust laws and policies. They are practiced on the belief in primafacie illegality, i.e. a manifestly illegal act that is then legitimized (Züger, 2013). Some providers offer so-called booter or stress services, which have simple web-based interfaces and accept web-based payments. Marketed and promoted as stress testing tools, they can be used to perform unauthorized denial-of-service attacks and allow technically inexperienced attackers to gain access to sophisticated attack tools.  Traffic generated by a consumer stressor, normally operated by a botnet, can range from 5 to 50 Gbps, which in most cases can prevent the average home user from accessing the Internet.
 legalpiracy.wordpress.com (2011). DDoS attacks and the law. Retrieved 2013-12-03 by legalpiracy.wordpress.com/2011/01/10/ddos-attacks-and-the-law/ In European countries, regardless of the method a person uses to carry out a DDoS attack, whether by SYN flooding (where an attacker quickly initiates a connection without terminating the connection) or other methods, they are stopped and face legal consequences. (www.technicallylegal.org/the-legality-of-denial-of-service-attacks/, 2010). The shrew attack is a denial of service attack on the transmission control protocol in which the attacker uses interception techniques.